Skip to content

ida ¤

Talks to an XMLRPC server running inside of an active IDA Pro instance, in order to query it about the database. Allows symbol resolution and interactive debugging.

Classes:

Functions:

Attributes:

ida_rpc_host module-attribute ¤

ida_rpc_host = add_param(
    "ida-rpc-host", "127.0.0.1", "ida xmlrpc server address"
)

ida_rpc_port module-attribute ¤

ida_rpc_port = add_param('ida-rpc-port', 43718, 'ida xmlrpc server port')

ida_timeout module-attribute ¤

ida_timeout = add_param(
    "ida-timeout", 2, "time to wait for ida xmlrpc in seconds"
)

P module-attribute ¤

P = ParamSpec('P')

T module-attribute ¤

T = TypeVar('T')

colored_pc module-attribute ¤

colored_pc = None

idc module-attribute ¤

idc = IDC()

ida_replacements module-attribute ¤

ida_replacements = {
    "__int64": "signed long long int",
    "__int32": "signed int",
    "__int16": "signed short",
    "__int8": "signed char",
    "__uint64": "unsigned long long int",
    "__uint32": "unsigned int",
    "__uint16": "unsigned short",
    "__uint8": "unsigned char",
    "_BOOL_1": "unsigned char",
    "_BOOL_2": "unsigned short",
    "_BOOL_4": "unsigned int",
    "_BYTE": "unsigned char",
    "_WORD": "unsigned short",
    "_DWORD": "unsigned int",
    "_QWORD": "unsigned long long",
    "__pure": "",
    "__hidden": "",
    "__return_ptr": "",
    "__struct_ptr": "",
    "__array_ptr": "",
    "__fastcall": "",
    "__cdecl": "",
    "__thiscall": "",
    "__userpurge": "",
}

IDC ¤

Attributes:

query class-attribute instance-attribute ¤

query = (
    "{k:v for k,v in globals()['idc'].__dict__.items() if isinstance(v, int)}"
)

IdaProvider ¤

Bases: IntegrationProvider

Methods:

get_symbol ¤

get_symbol(addr: int) -> str | None

get_versions ¤

get_versions() -> tuple[str, ...]

is_in_function ¤

is_in_function(addr: int) -> bool

get_comment_lines ¤

get_comment_lines(addr: int) -> list[str]

decompile ¤

decompile(addr: int, lines: int) -> list[str] | None

get_func_type ¤

get_func_type(addr: int) -> Function | None

disable ¤

disable() -> None

get_stack_var_name ¤

get_stack_var_name(addr: int) -> str | None

Gets the name of a stack variable based on only the address of the variable.

ida_config_changed ¤

ida_config_changed() -> None

ensure_disabled ¤

ensure_disabled() -> None

try_init_ida_rpc_client ¤

try_init_ida_rpc_client() -> bool

Try to connect to the IDA RPC client.

If the connection succeeds, or we were already connected, return True. Otherwise, False.

An appropriate message will be also printed to the user.

enabledIDA ¤

enabledIDA(func: Callable[P, T]) -> Callable[P, T | None]

If we have a connection to Ida, call the function.

Otherwise, return None. Thus, all functions decorated with this must have "| None" in their return signature.

This will not try to open a connection if it doesn't already exist. No messages will be printed.

establish_connection ¤

establish_connection() -> bool

If we already had a connection, or succeed in creating a new one, return True. Otherwise False.

withIDA ¤

withIDA(func: Callable[P, T]) -> Callable[P, T | None]

Try to connect to Ida before running the decorated function.

If we fail connecting to Ida, return None. Thus, all functions decorated with this must have "| None" in their return signature.

Use this for user-initiated stuff like pwndbg.commands.ida.save_ida().

withHexrays ¤

withHexrays(func: Callable[P, T]) -> Callable[P, T | None]

takes_address ¤

takes_address(
    function: Callable[Concatenate[int, P], T],
) -> Callable[Concatenate[int, P], T]

returns_address ¤

returns_address(function: Callable[P, int]) -> Callable[P, int]

l2r ¤

l2r(addr: int) -> int

r2l ¤

r2l(addr: int) -> int

remote ¤

remote(function) -> None

Runs the provided function in IDA's interpreter.

The function must be self-contained and not reference any global variables.

base ¤

base()

Comment ¤

Comment(addr: int)

Name ¤

Name(addr: int)

GetFuncOffset ¤

GetFuncOffset(addr: int)

GetFuncAttr ¤

GetFuncAttr(addr: int, attr: int)

GetType ¤

GetType(addr: int)

here ¤

here() -> int

Jump ¤

Jump(addr: int)

Anterior ¤

Anterior(addr: int)

GetBreakpoints ¤

GetBreakpoints()

GetBptQty ¤

GetBptQty()

GetBptEA ¤

GetBptEA(i: int) -> int

UpdateBreakpoints ¤

UpdateBreakpoints() -> None

SetColor ¤

SetColor(pc, color)

Auto_Color_PC ¤

Auto_Color_PC() -> None

Auto_UnColor_PC ¤

Auto_UnColor_PC() -> None

LocByName ¤

LocByName(name) -> int

PrevHead ¤

PrevHead(addr)

NextHead ¤

NextHead(addr)

GetFunctionName ¤

GetFunctionName(addr)

GetFlags ¤

GetFlags(addr)

isASCII ¤

isASCII(flags)

ArgCount ¤

ArgCount(address) -> None

SaveBase ¤

SaveBase(path: str)

GetIdbPath ¤

GetIdbPath()

has_cached_cfunc ¤

has_cached_cfunc(addr)

decompile ¤

decompile(addr) -> str | None

decompile_context ¤

decompile_context(pc, context_lines) -> str | None

get_ida_versions ¤

get_ida_versions() -> dict[str, str]

GetStrucQty ¤

GetStrucQty()

GetStrucId ¤

GetStrucId(idx)

GetStrucName ¤

GetStrucName(sid)

GetStrucSize ¤

GetStrucSize(sid)

GetFrameId ¤

GetFrameId(addr)

GetMemberQty ¤

GetMemberQty(sid)

GetMemberSize ¤

GetMemberSize(sid, offset)

GetMemberId ¤

GetMemberId(sid, offset)

GetMemberName ¤

GetMemberName(sid, offset)

GetMemberOffset ¤

GetMemberOffset(sid, member_name)

GetMemberFlag ¤

GetMemberFlag(sid, offset)

GetStrucNextOff ¤

GetStrucNextOff(sid, offset)

print_member ¤

print_member(sid, offset) -> None

print_structs ¤

print_structs() -> None